The security issue of the wireless network is far more important than that of the wired Ethernet. The US Institute of Electrical and Electronics Engineers (IEEE) has stipulated 802.11 and 802.16 serial standards to enhance the security of the Wireless Local Area Network and the Wireless Metropolitan Area Network and to provide a secure access to a base station for a mobile station. China has promulgated the national standard of the Wireless Local Area Network GB15629.11, generally called WLAN Authentication and Privacy Infrastructure (WAPI) protocol. The BWM network, as a new wireless network architecture, integrates data communication and broadcast communication. Secure access and secure communication issues should be addressed in the BWM network. One of key issues for addressing the secure communication is how to manage diverse keys in the system.
IEEE802.11 proposes the Wired Equivalent Privacy (WEP) protocol to implement the security of WLAN, in which the key management is very simple, i.e. a shared key is configured manually to use between a mobile station and an access point. Disadvantages lie in that there is no perfect key management solution, which causes difficult system extension and bad system flexibility.
The WEP cryptographic protocol has a severe security fault. The IEEE802.11i standard utilizes four handshake protocols to manage and deduce keys, which addresses the security issue of WEP, but has the following disadvantages: key management can not be based on levels of service, i.e. key deduction is performed between specific terminals and access nodes and different keys can not be deduced for different services to realize differentiated levels of service. The negotiation efficiency of multicast key is low, i.e. a negotiation of a multicast key should be performed between an access node and any one of a group of mobile stations. The update efficiency of multicast key is low, i.e. an update of a multicast key needs the access node and each mobile station to perform the update, which causes a low efficiency. Different multicast encryption keys can not be provided for different services.
Some disadvantages in WEP are overcome in Chinese national standard GB15629.11. However, the key management protocol of GB15629.11 has the same disadvantages as IEEE802.11i.
The WMAN IEEE802.16 criteria proposed by the US IEEE can not prevent an attacker from imitating a base station to cheat a mobile station, thus the key management is not secure. IEEE802.16e standard use the method of IEEE802.11i standard for reference to propose an improved solution. Such a solution has the following disadvantages:
Key management is performed in a time synchronization manner, which causes complicated state management. The use and disuse of a new key are determined on time. It is complicated to maintain synchronization clocks in a distributed system. There are many system states, which causes complicated management.